openSUSE Security Update : kernel (kernel-1097)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 11.1 kernel was updated to fix various bugs and several
security issues. It was also updated to the stable release

Following security issues were fixed: CVE-2009-1961: A local denial of
service problem in the splice(2) system call was fixed.

CVE-2009-1389: A crash on r8169 network cards when receiving large
packets was fixed.

CVE-2009-1385: Integer underflow in the e1000_clean_rx_irq function in
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux
kernel, the e1000e driver in the Linux kernel, and Intel Wired
Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a
denial of service (panic) via a crafted frame size.

CVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the NFS
client implementation in the Linux kernel, when atomic_open is
available, does not check execute (aka EXEC or MAY_EXEC) permission
bits, which allows local users to bypass permissions and execute
files, as demonstrated by files on an NFSv4 fileserver

See also :

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.8

Family: SuSE Local Security Checks

Nessus Plugin ID: 40360 ()

Bugtraq ID:

CVE ID: CVE-2009-1385

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now